Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is not used after the init, should be freed, call acpi_put_table() to fix the memory leak.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.0, < 4.14.303 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/08fd965521d0e172d540cf945517810895fcb199Patch
- https://git.kernel.org/stable/c/0bd9b4be721c776f77adcaf34105dfca3007ddb9Patch
- https://git.kernel.org/stable/c/1af2232b13837ce0f3a082b9f43735b09aafc367Patch
- https://git.kernel.org/stable/c/2fcd3dc8b97a14f1672729c86b7041a1a89b052aPatch
- https://git.kernel.org/stable/c/37e90c374dd11cf4919c51e847c6d6ced0abc555Patch
- https://git.kernel.org/stable/c/927860dfa161ae8392a264197257dbdc52b26b0fPatch
- https://git.kernel.org/stable/c/986cd9a9b95423e35a2cbb8e9105aec0e0d7f337Patch
- https://git.kernel.org/stable/c/b0785edaf649e5f04dc7f75533e810f4c00e4106Patch
FAQ
What is CVE-2022-50389?
CVE-2022-50389 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information ...
How severe is CVE-2022-50389?
CVE-2022-50389 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-50389?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.